CISA adds a critical ASUS Live Update vulnerability to its KEV list, citing active exploitation linked to a past supply chain ...

An ASUS Live Update vulnerability tracked as CVE-2025-59374 has been making the rounds in infosec feeds, with some headlines ...

CISA warns of attacks exploiting CVE-2025-59374, a backdoor introduced in the Asus Live Update tool in a supply chain attack.

Asus confirmed Tuesday that “a small number of devices” had been implemented with malicious code following an attack on its Live Update utility. That app has been patched, Asus said. Asus said that it ...

Usually, when CISA adds flaws to KEV, it means that Federal Civilian Executive Branch agencies have a three-week deadline to patch up or stop using the products entirely. For the ASUS flaw, agencies ...

ASUS released today a new version of the Live Update tool that contains fixes for vulnerabilities that were exploited by a nation-state group to deploy the ShadowHammer backdoor on up to one million ...

Hackers are said to have installed backdoors on PCs through Asus's Live Update software. When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. Update: ...

Like many PC vendors, Asus ships computers with a utility that can download and install firmware updates. And last year hackers managed to create a version of that Asus Live Update utility with a ...

Yesterday the news broke that Asus Live Update software installed on laptops and PCs from the Taiwanese manufacturer contained a backdoor between June and November 2018. Thus far it has been silent at ...

Asus confirmed today that its Live Update utility has been indeed infected with malicious code by an advanced persistent threat (APT) group as part of a supply chain attack which managed to compromise ...

A cybercriminal campaign focused on targeting the supply chain through the exploitation of ASUS Live Update software may have involved the installation of backdoors on over one million PCs. On Monday, ...